Remediation target rule with pause condition?

Ravish Shetty
Tera Guru

We are trying to use remediation target rules as a replacement for SLA's as we cannot use SLA's for Vulnerable item (sn_vul_vulnerable_item) records.

Unfortunately these rules do not have a pause condition out of box as of Kingston patch 6 and this has been confirmed by the SN support.

Can we have any workaround for pausing these remediation target rule calculation? Essentially our business case is to pause these calculation when a waiver request is submitted for any Vulnerability. Waiver requests have an end date. Once the date expires, these calculations are supposed to resume.

 

When we were using the SLA's, we achieved this by changing the state of a Vulnerable item to 'in review' when a Waiver is submitted. This would pause the SLA. There is a daily job which check if the Waiver request has expired and would change the state of the associated VI back to 'open' and this would resume the SLA.

 

find_real_file.png

1 ACCEPTED SOLUTION

Chris McDevitt
ServiceNow Employee
ServiceNow Employee

All,

If you look at traditional SLAs they are orchestrated by a workflow. Remediation Targets are just that, a target, not an agreement. This target is just blindly updated by the Scheduled Job. With that said, it is very confusing for the uses to see the "targets missed".

Here is what I would do: In the "Vulnerability State Change Approval" workflow, I would set the Remediation Target date to the date set by the Deferral approval as the new "Remediation Target" date for the item in question.

 

Go ahead and smash that helpful or correct button!

-Chris

 

View solution in original post

7 REPLIES 7

I'll take a look at that job to see what can be done without going too far away from OOB functionality.

Hi @JinN 

just verified that when we close a VIT and reopen it, the 'Last opened' date is reset to the opened date.

Hence, when the scheduled job would run, it will calculate it from the new 'Last opened' date which is fine.

However, when VIT moves to open from deferral state, the 'Last opened' field is not reset to the date when it moved from deferral to open.

So, even if we will make the field blank on deferral, upon open, the job will calculate it from the 'Last opened' field which did not change since deferral. As such the same target date will be set.

 

Let me know if it is otherwise.

Chris McDevitt
ServiceNow Employee
ServiceNow Employee

All,

If you look at traditional SLAs they are orchestrated by a workflow. Remediation Targets are just that, a target, not an agreement. This target is just blindly updated by the Scheduled Job. With that said, it is very confusing for the uses to see the "targets missed".

Here is what I would do: In the "Vulnerability State Change Approval" workflow, I would set the Remediation Target date to the date set by the Deferral approval as the new "Remediation Target" date for the item in question.

 

Go ahead and smash that helpful or correct button!

-Chris